Tufts University Logo SITE_NAME

Search  GO >

this site tufts.edu people

Types of Audits and Advisory Services

AMAS conducts several different types of audits.  While certain internal audits focus on only one of the categories described below, many of our audits incorporate elements of each category. Each of our audits incorporates a risk assessment and often results in suggestions to more effectively manage the risks.

Operational Audits: provide assessments of processes, systems, workflows, and policies to determine the adequacy of internal controls and achievement of objectives.

Financial Audits: provide assessments of internal controls over financial and budgetary reporting and focus on controls over recording of revenue and expenditures.

Compliance Audits: ensure that university departments and operations adhere to applicable federal, state, and local regulations. A compliance audit determines whether current university policies, procedures, and training programs are sufficient to support compliance with regulations.

Information Technology (IT) Audits: provide assessments of the university’s various information technology support services, with a focus on controls over data security, change control, applications, system/infrastructure security, cloud based systems, information privacy etc. as they relate to the university’s administrative, academic and research applications and data management. Compliance with IT related laws and regulations is also considered within the scope of an IT audit engagement.

Departmental or Unit Level Reviews: ensure that adequate internal controls exist pertaining to administrative activities and their use of university resources and compliance with university policies and external regulations.

Management Advisory Services: In addition to the audit and risk management services AMAS provides, we work with management to develop efficiencies in operations. We also provide guidance pertaining to various administrative and compliance matters.

Assistance with Enterprise Risk Management: Initiatives: AMAS is available to help facilitate the development of school or division based risk register in accordance with the model adopted by the University to develop the Tufts Risk Register. Risk registers are helpful in documenting and ranking certain risks that can affect the achievement of a school or division’s operating and strategic objectives.

Internal Control Self-Assessment questionnaires provide management with questions to guide them in evaluating the effectiveness of their internal control environments and identifying areas where enhancement of certain policies and procedures would be advisable. The questionnaire also provides background information in advance of a formal internal audit.

Self-Assessment Questionnaire